4 SINGAPORE CYBER LANDSCAPE 2022 SINGAPORE CYBER LANDSCAPE 2022 5
In the last Singapore Cyber Landscape
(SCL), I wrote that we were encountering
increasingly sophisticated threats and more
brazen threat actors. Like in a long game of
chess, threat actors are always seeking new
ways to overcome defences, which means
cybersecurity defenders around the world
must constantly remain on our toes. True to
form, the cyber threat landscape intensied in
2022. This was fuelled by the ongoing Russia-
Ukraine conict and the opportunistic exploits
of cybercriminals as COVID-19 restrictions
began to ease. Disconcerting developments
over the past year included bespoke exploits
aimed at industrial Operational Technology
(OT) systems, ransomware groups targeting
essential organisations, and global service
disruptions caused by hacktivist groups,
among others.
As Winston Churchill once said, however,
“The pessimist sees the difficulty in
FOREWORD
every opportunity. The optimist sees the
opportunity in every difculty.” While there
were undoubtedly numerous persistent and
emergent cyber threats that arose in the
past year, there were also opportunities for
Singapore to work with like-minded cyber
organisations around the world to strengthen
our collective digital resilience.
This duality is best typied by the ransomware
threat. Ransomware groups hit a new
milestone in 2021 in terms of cyber-physical
impact. They caused widespread disruption,
leading to supermarkets closing, petrol
stations running out of fuel, and healthcare
services being delayed, all as a result of
compromised systems. In 2022, they outdid
this by disrupting an entire government’s
services – the ransomware attacks on Costa
Rica crippled around 30 critical services
including utilities and healthcare systems.
This resulted in the declaration of a state of
emergency by the government. The audacity
and severity of these attacks underscored the
urgent need for coordinated efforts among
governments to address the ransomware
threat.
This is exemplified by the Counter-
Ransomware Initiative (CRI), a global
coalition aimed at collectively addressing
the ransomware threat. Led by the US, the
CRI aims to prevent cryptocurrency use in
ransomware payments, share information,
develop guidelines, and build cyber capacity.
Singapore is fully involved in this initiative. We
are co-leads of the countering illicit nance
working group, committed to disrupting the
nancial ows, particularly in cryptocurrency,
to ransomware operators. Given the cross-
border nature of this menace, collaboration
within the CRI represents a key means to
deprive ransomware groups of their lifeblood,
creating a more hostile environment for them,
and breaking their business models.
This is also reected in our local approach.
While the country has been fortunate to avoid
the worst of these attacks, we established the
Counter-Ransomware Task Force (CRTF) in
2022, reecting our determination to combat
this growing menace. Chaired by the Cyber
Security Agency (CSA), the CRTF brings
together the expertise and resources of
various government agencies, including the
Government Technology Agency (GovTech),
Infocomm Media Development Authority
(IMDA), Ministry of Communications and
Information (MCI), Ministry of Defence
(MINDEF), Ministry of Home Affairs (MHA),
Monetary Authority of Singapore (MAS), and
Singapore Police Force (SPF), with support
from the Attorney-General’s Chambers
(AGC).
The Russia-Ukraine conflict serves as
another striking example of local agencies
banding together to confront cybersecurity
risks resulting from an unstable geopolitical
landscape. Now well past its 15
th
month, the
conict has greatly complicated the global
cybersecurity environment, with a surge
of hacktivist attacks on both sides and the
discovery of highly destructive malware.
One of the most worrying developments is
the increase of malicious programs targeting
industrial systems, posing a signicant threat
to vital services that sustain our daily lives
and capable of causing unprecedented harm.
These attacks have already caused signicant
disruption to Ukrainian systems. The potential
of their spread beyond the conict zone is a
catastrophic possibility.
As a small state whose security and existence
depends on the international rule of law,
Singapore can be adversely affected by
geopolitical instability and the potential
for spill-over effects in cyberspace. The
government worked closely with Critical